The Human Side of Information Security Awareness

Most organizations implement a number of positive measures to secure their network as information security practices are built on technology, policies, and people. While organizations may utilize the best practices to secure their policies and procedures, security awareness is often compromised by lack of employee awareness. Even the strongest security technologies and policies may be evaded by unaware or untrained employees. An effective information security program requires all employees at every level, from the top down, to have a basic understanding of security policies and their respective responsibilities in protecting company assets. The purpose of this blog is to explore factors in developing, implementing, measuring and managing an effective Information Security Awareness Program through proactive and security-conscious behavior as most attacks now come from internal sources instead of external. This blog will serve as a framework in which Technology and Security professionals seeking to improve information security.